Protecting the cybersecurity of small businesses and their consumers

Picture this—it’s been a long day at your startup. About the time you get home, you open up your laptop, log onto your bank account and are shocked to see your small business’ balance: zero. You never expected it to be you. Surely, with the millions of people who bank online, you’d never be the one targeted.

Unfortunately, in today’s ultra-connected world, we see this happening more often. As chairman of the House Committee on Small Business, I have heard over and over how devastating a cyber attack can be for a business, its owners, employees and its customers.

ADVERTISEMENT

By selling online, small businesses are able to reduce costs, increase sales, and boost overall efficiency. But the same tools and resources that have given small business owners a greater role in the marketplace have also provided cyber criminals and foreign actors with more opportunities to steal sensitive and valuable information.

This is unacceptable.

Thirty-two thousand dollars—that’s the average cost of a cyber attack to a small business, according to a recent survey from the National Small Business Association. According to a report from Verizon, 71 percent of all cyber attacks are directed at businesses with fewer than 100 employees. It is startups and mom and pop shops that are the most susceptible to cyber abuse.

The committee I chair has held several hearings on the government’s role in protecting small businesses from cyber attacks. These businesses that account for over 47 percent of private sector employees are the backbone of the American economy, and cannot be sidelined in the cybersecurity conversation.

One thing was clear: we need to do more when it comes to protecting the cybersecurity of small businesses and their consumers.

While we in Congress must address this need promptly, the partnership between government and small businesses also needs to grow stronger. It is vital that entrepreneurs make sure that their systems and servers are safeguarded from domestic and foreign attacks. Oftentimes they are the target because they simply do not have the resources and staff that large corporations do to defend their assets and customers.

At a recent hearing, representatives from the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) emphasized the importance of safeguarding small business infrastructure in light of recent revelations of the potential of nefarious foreign owned businesses having access to millions of small business’ data. Being aware of these concerns, I introduced the bipartisan H.R. 4668, the Small Business Advanced Cybersecurity Enhancement Act, to increase the defensive measures available for these startups undergoing or concerned about foreign attacks.

In the war of ideas, innovators need to also secure their intellectual property. Because these startups do not have the luxury of a boardroom of lawyers and consultants, they need to be more aware about safeguarding corporate information. One possible solution is cybersecurity insurance. With the rise in cyberattacks, large businesses have already started adopting this strategy—and many small firms are following suit.

Just last year, the House passed the Improving Small Business Cyber Security Act, a bill that helps small businesses facing cyber threats by providing access to additional tools and resources available through existing federal agencies. The Department of Homeland Security and other federal agencies are able to work with Small Business Development Centers (SBDCs) to make resources for available to small businesses.

Now, more than any time before, we need to prioritize the cybersecurity of our nation’s innovators and small businesses. Their ingenuity and grit are what keep America’s economy strong.